-
Notifications
You must be signed in to change notification settings - Fork 141
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add ability to inject secrets in the pods #163
base: develop
Are you sure you want to change the base?
Conversation
_load_yaml() | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this needed?
| `housekeeping.args`. | Custom start up arguments for netbox container arguments. | `[]` | | ||
| `housekeeping.command` | Custom container entrypoint. | ["/opt/netbox/venv/bin/python","/opt/netbox/netbox/manage.py",rqworker] | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick: can you please swap these two lines? Logically I feel like that makes more sense as the args
are appended to the command
when both are present.
args: [] | ||
command: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as the above, could we swap these around please?
args: [] | ||
command: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as the above, could we swap these around please?
This issues is attempt to enable injecting of secrets via vault or other such tools. The issue is described here: #160.
With this change we can
consul-template -exec "/opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py rqworker
at the entrypoint so vault can managed injection of the extra secrets./run/config/extra/vault/secrets.yaml
/run/config/extra/vault/secrets.yaml
and override the previously read the secetsLet me know if this makes sense.